Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

NT SERVICE\SSHD Logon Failure when starting SSHD service #964

Closed
leotxcosta opened this issue Nov 24, 2017 · 19 comments
Closed

NT SERVICE\SSHD Logon Failure when starting SSHD service #964

leotxcosta opened this issue Nov 24, 2017 · 19 comments
Labels
Issue-Bug

Comments

@leotxcosta
Copy link

OpenSSH for Windows" version
0.0.23.0

Server OperatingSystem
Windows Server 2008 Standard

What is failing
When I try to start SSHD service I got a logon failure message. Checking event viewer, there is a log with the error "The sshd service was unable to log on as NT SERVICE\SSHD with the currently configured password due to the following error:
Logon failure: unknown user name or bad password."

Expected output
Service starting successfully.

Actual output
Service not starting.
@leotxcosta
Copy link
Author

If I start the process via command line it works. But in this case the process runs under my user.

@chanducrr
Copy link

Even I have the same issue. Is there some config that we can set to accept network username/pwd login?

@chanducrr
Copy link

when I run sshd.exe SSH connection works fine. But I could see a command prompt being opened on the server machine for each putty session. Is it expected?

@bagajjal
Copy link
Collaborator

Please share the sshd.log (DEBUG3 enabled) when sshd failed to start as service.

@manojampalam
Copy link
Contributor

@chanducrr I assume you are using Basic authentication. If so it is expected.

@leotxcosta @chanducrr can you try reinstalling sshd? (just run install-sshd.ps1 in installation folder).

@bingbing8
Copy link
Contributor

bingbing8 commented Nov 29, 2017
edited
Loading

@leotxcosta windows 2008 is equivalent to vista SP1. Note that vista and below is out of scope for our project.
SSHD service can't be started with previous version 0.0.22.0, this is not regression. right?

@chanducrr
Copy link

@manojampalam I tried reinstalling but basic authentication doesn't work . Here is the DEBUG3 log

Windows PowerShell
Copyright (C) 2015 Microsoft Corporation. All rights reserved.

PS C:\Windows\system32> cd 'C:\Program Files\OpenSSH'
PS C:\Program Files\OpenSSH> ls

Directory: C:\Program Files\OpenSSH

Mode LastWriteTime Length Name

d----- 11/15/2017 10:22 PM logs
-a---- 10/17/2017 9:10 PM 2273 FixHostFilePermissions.ps1
-a---- 10/17/2017 9:10 PM 606 FixUserFilePermissions.ps1
-a---- 10/17/2017 9:10 PM 11019 install-sshd.ps1
-a---- 10/17/2017 9:10 PM 1462907 libcrypto-41.dll
-a---- 10/17/2017 9:10 PM 1053 OpenSSHUtils.psd1
-a---- 10/17/2017 9:10 PM 27831 OpenSSHUtils.psm1
-a---- 10/17/2017 9:10 PM 329728 scp.exe
-a---- 10/17/2017 9:10 PM 346624 sftp-server.exe
-a---- 10/17/2017 9:10 PM 397824 sftp.exe
-a---- 10/17/2017 9:10 PM 528384 ssh-add.exe
-a---- 10/17/2017 9:10 PM 620032 ssh-agent.exe
-a---- 10/17/2017 9:10 PM 652288 ssh-keygen.exe
-a---- 10/17/2017 9:10 PM 584704 ssh-keyscan.exe
-a---- 10/17/2017 9:10 PM 148992 ssh-shellhost.exe
-a---- 10/17/2017 9:10 PM 880128 ssh.exe
-a---- 10/17/2017 9:10 PM 930304 sshd.exe
-a---- 11/21/2017 11:20 PM 3561 sshd_config
-a---- 11/15/2017 10:28 PM 668 ssh_host_dsa_key
-a---- 11/15/2017 10:28 PM 621 ssh_host_dsa_key.pub
-a---- 11/15/2017 10:28 PM 227 ssh_host_ecdsa_key
-a---- 11/15/2017 10:28 PM 193 ssh_host_ecdsa_key.pub
-a---- 11/15/2017 10:28 PM 432 ssh_host_ed25519_key
-a---- 11/15/2017 10:28 PM 113 ssh_host_ed25519_key.pub
-a---- 11/15/2017 10:28 PM 1679 ssh_host_rsa_key
-a---- 11/15/2017 10:28 PM 413 ssh_host_rsa_key.pub
-a---- 10/17/2017 9:10 PM 562 uninstall-sshd.ps1

PS C:\Program Files\OpenSSH> .\install-sshd.ps1
[SC] SetServiceObjectSecurity SUCCESS
[SC] ChangeServiceConfig SUCCESS
[SC] ChangeServiceConfig2 SUCCESS
sshd and ssh-agent services successfully installed
PS C:\Program Files\OpenSSH> notepad.exe .\sshd_config
PS C:\Program Files\OpenSSH> cd .\logs
PS C:\Program Files\OpenSSH\logs> tail -f .\sshd.log
89072 01:37:23:161 debug1: private host key #3: ssh-ed25519 SHA256:D9gn4/bc9CzEX7ks09ULCi8LJ8VBXgFz7xwhFDjW3q4
89072 01:37:23:161 debug2: fd 3 setting O_NONBLOCK
89072 01:37:23:161 debug3: sock_set_v6only: set socket 3 IPV6_V6ONLY
89072 01:37:23:161 debug1: Bind to port 22 on ::.
89072 01:37:23:161 Server listening on :: port 22.
89072 01:37:23:161 debug2: fd 4 setting O_NONBLOCK
89072 01:37:23:161 debug1: Bind to port 22 on 0.0.0.0.
89072 01:37:23:161 Server listening on 0.0.0.0 port 22.
89072 01:37:23:161 debug3: Failed to open file:./sshd.pid error:13
89072 01:37:23:161 error: Couldn't create pid file "./sshd.pid": Permission denied
89072 01:37:54:420 debug3: fd 5 is not O_NONBLOCK
89072 01:37:54:420 debug3: spawning "C:\Program Files\OpenSSH\sshd.exe"
89072 01:37:54:420 debug1: Forked child 88700.
88700 01:37:54:452 debug1: sshd version OpenSSH_7.6, LibreSSL 2.5.3
88700 01:37:54:452 debug1: private host key #0: ssh-rsa SHA256:ex0t/cqY4gRUqts/tslynM76eM3FWGce4tMZp659I1Q
88700 01:37:54:467 debug1: private host key #1: ssh-dss SHA256:NyA+nn6y+zEmShaSGos0Dk+P+cXkmA+Sa0h/TgPeUlQ
88700 01:37:54:467 debug1: private host key #2: ecdsa-sha2-nistp256 SHA256:tBwclE61tJsWikJeMj5+p+y8Yni6ncq49KkGqwmupUg
88700 01:37:54:467 debug1: private host key #3: ssh-ed25519 SHA256:D9gn4/bc9CzEX7ks09ULCi8LJ8VBXgFz7xwhFDjW3q4
88700 01:37:54:467 debug3: Failed to open file:./sshd.pid error:13
88700 01:37:54:467 error: Couldn't create pid file "./sshd.pid": Permission denied
88700 01:37:54:467 debug1: child socket: 348
88700 01:37:54:467 debug1: child startup_pipe: 352
88700 01:37:54:467 Connection from 12.34.56.78 port 51970 on 10.211.125.202 port 22
88700 01:37:54:467 debug1: Client protocol version 2.0; client software version PuTTY_Release_0.67
88700 01:37:54:467 debug1: no match: PuTTY_Release_0.67
88700 01:37:54:467 debug1: Local version string SSH-2.0-OpenSSH_7.6
88700 01:37:54:467 debug2: fd 3 setting O_NONBLOCK
88700 01:37:54:467 debug3: list_hostkey_types: ssh-dss key not permitted by HostkeyAlgorithms
88700 01:37:54:467 debug1: list_hostkey_types: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519
88700 01:37:54:467 debug3: send packet: type 20
88700 01:37:54:467 debug1: SSH2_MSG_KEXINIT sent
88700 01:37:54:530 debug3: receive packet: type 20
88700 01:37:54:530 debug1: SSH2_MSG_KEXINIT received
88700 01:37:54:530 debug2: local server KEXINIT proposal
88700 01:37:54:530 debug2: KEX algorithms: curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-n
istp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha
512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
88700 01:37:54:530 debug2: host key algorithms: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519
88700 01:37:54:530 debug2: ciphers ctos: [email protected],aes128-ctr,aes192-ctr,aes256-ctr
88700 01:37:54:530 debug2: ciphers stoc: [email protected],aes128-ctr,aes192-ctr,aes256-ctr
88700 01:37:54:530 debug2: MACs ctos: [email protected],[email protected],[email protected],hma
[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-51
2,hmac-sha1
88700 01:37:54:530 debug2: MACs stoc: [email protected],[email protected],[email protected],hma
[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-51
2,hmac-sha1
88700 01:37:54:530 debug2: compression ctos: none
88700 01:37:54:530 debug2: compression stoc: none
88700 01:37:54:530 debug2: languages ctos:
88700 01:37:54:530 debug2: languages stoc:
88700 01:37:54:530 debug2: first_kex_follows 0
88700 01:37:54:530 debug2: reserved 0
88700 01:37:54:530 debug2: peer client KEXINIT proposal
88700 01:37:54:530 debug2: KEX algorithms: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffi
e-hellman-group14-sha1,diffie-hellman-group1-sha1,rsa2048-sha256,rsa1024-sha1
88700 01:37:54:530 debug2: host key algorithms: ssh-rsa,ssh-dss
88700 01:37:54:530 debug2: ciphers ctos: aes256-ctr,aes256-cbc,[email protected],aes192-ctr,aes192-cbc,aes128-
ctr,aes128-cbc,blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbc,arcfour256,arcfour128
88700 01:37:54:530 debug2: ciphers stoc: aes256-ctr,aes256-cbc,[email protected],aes192-ctr,aes192-cbc,aes128-
ctr,aes128-cbc,blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbc,arcfour256,arcfour128
88700 01:37:54:530 debug2: MACs ctos: hmac-sha2-256,hmac-sha1,hmac-sha1-96,hmac-md5
88700 01:37:54:530 debug2: MACs stoc: hmac-sha2-256,hmac-sha1,hmac-sha1-96,hmac-md5
88700 01:37:54:530 debug2: compression ctos: none,zlib
88700 01:37:54:530 debug2: compression stoc: none,zlib
88700 01:37:54:530 debug2: languages ctos:
88700 01:37:54:530 debug2: languages stoc:
88700 01:37:54:530 debug2: first_kex_follows 0
88700 01:37:54:530 debug2: reserved 0
88700 01:37:54:530 debug1: kex: algorithm: diffie-hellman-group-exchange-sha256
88700 01:37:54:530 debug1: kex: host key algorithm: ssh-rsa
88700 01:37:54:530 debug1: kex: client->server cipher: aes256-ctr MAC: hmac-sha2-256 compression: none
88700 01:37:54:530 debug1: kex: server->client cipher: aes256-ctr MAC: hmac-sha2-256 compression: none
88700 01:37:54:530 debug1: expecting SSH2_MSG_KEX_DH_GEX_REQUEST
88700 01:37:54:577 debug3: receive packet: type 34
88700 01:37:54:577 debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received
88700 01:37:54:577 debug3: Failed to open file:./moduli error:2
88700 01:37:54:577 WARNING: could not open ./moduli (No such file or directory), using fixed modulus
88700 01:37:54:577 debug3: dh_new_group_fallback: requested max size 8192
88700 01:37:54:577 debug3: using 8k bit group 18
88700 01:37:54:577 debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
88700 01:37:54:577 debug3: send packet: type 31
88700 01:37:54:655 debug2: bits set: 4008/8192
88700 01:37:54:655 debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
88700 01:37:55:205 debug3: receive packet: type 32
88700 01:37:55:205 debug2: bits set: 4018/8192
88700 01:37:55:283 debug3: send packet: type 33
88700 01:37:55:283 debug3: send packet: type 21
88700 01:37:55:283 debug2: set_newkeys: mode 1
88700 01:37:55:283 debug1: rekey after 4294967296 blocks
88700 01:37:55:283 debug1: SSH2_MSG_NEWKEYS sent
88700 01:37:55:283 debug1: expecting SSH2_MSG_NEWKEYS
88700 01:37:55:814 debug3: receive packet: type 21
88700 01:37:55:814 debug1: SSH2_MSG_NEWKEYS received
88700 01:37:55:814 debug2: set_newkeys: mode 0
88700 01:37:55:814 debug1: rekey after 4294967296 blocks
88700 01:37:55:814 debug1: KEX done
88700 01:37:55:830 debug3: receive packet: type 5
88700 01:37:55:830 debug3: send packet: type 6
88700 01:38:07:995 debug3: receive packet: type 50
88700 01:38:07:995 debug1: userauth-request for user XYZORG\adminuser service ssh-connection method none
88700 01:38:07:995 debug1: attempt 0 failures 0
88700 01:38:07:995 debug2: parse_server_config: config reprocess config len 272
88700 01:38:10:276 debug3: NetUserGetInfo() failed with error: 1722 for user: adminuser and domain: XYZORG \n
88700 01:38:10:308 debug3: NetUserGetInfo() with domainController: \\SW730XYZORGDC004 failed with error: 5 \n
88700 01:38:10:308 Invalid user XYZORG\adminuser from 12.34.56.78 port 51970
88700 01:38:10:308 debug2: input_userauth_request: try method none
88700 01:38:10:308 Failed none for invalid user XYZORG\adminuser from 12.34.56.78 port 51970 ssh2
88700 01:38:10:308 debug3: userauth_finish: failure partial=0 next methods="publickey,password,keyboard-interactive"
88700 01:38:10:308 debug3: send packet: type 51
88700 01:38:10:401 debug3: receive packet: type 50
88700 01:38:10:401 debug1: userauth-request for user XYZORG\adminuser service ssh-connection method keyboard-interactiv
e
88700 01:38:10:401 debug1: attempt 1 failures 0
88700 01:38:10:401 debug2: input_userauth_request: try method keyboard-interactive
88700 01:38:10:401 debug1: keyboard-interactive devs
88700 01:38:10:401 debug1: auth2_challenge: user=XYZORG\adminuser devs=
88700 01:38:10:401 debug1: kbdint_alloc: devices ''
88700 01:38:10:401 debug2: auth2_challenge_start: devices
88700 01:38:10:401 Failed keyboard-interactive for invalid user XYZORG\adminuser from 12.34.56.78 port 51970 ssh2
88700 01:38:10:401 debug3: userauth_finish: failure partial=0 next methods="publickey,password,keyboard-interactive"
88700 01:38:10:401 debug3: send packet: type 51
88700 01:38:25:369 debug3: receive packet: type 50
88700 01:38:25:369 debug1: userauth-request for user XYZORG\adminuser service ssh-connection method password
88700 01:38:25:369 debug1: attempt 2 failures 1
88700 01:38:25:369 debug2: input_userauth_request: try method password
88700 01:38:25:588 debug1: failed to logon user: NOUSER domain: (null) error:1326
88700 01:38:25:588 Failed password for invalid user XYZORG\adminuser from 12.34.56.78 port 51970 ssh2
88700 01:38:25:588 debug3: userauth_finish: failure partial=0 next methods="publickey,password,keyboard-interactive"
88700 01:38:25:588 debug3: send packet: type 51
88700 01:38:25:588 debug3: receive packet: type 2
88700 01:38:25:588 debug3: Received SSH2_MSG_IGNORE
88700 01:38:41:441 debug3: receive packet: type 50
88700 01:38:41:441 debug1: userauth-request for user XYZORG\adminuser service ssh-connection method password
88700 01:38:41:441 debug1: attempt 3 failures 2
88700 01:38:41:441 debug2: input_userauth_request: try method password
88700 01:38:41:675 debug1: failed to logon user: NOUSER domain: (null) error:1326
88700 01:38:41:675 Failed password for invalid user XYZORG\adminuser from 12.34.56.78 port 51970 ssh2
88700 01:38:41:675 debug3: userauth_finish: failure partial=0 next methods="publickey,password,keyboard-interactive"
88700 01:38:41:675 debug3: send packet: type 51
88700 01:38:41:675 debug3: receive packet: type 2
88700 01:38:41:675 debug3: Received SSH2_MSG_IGNORE
88700 01:38:49:147 debug3: receive packet: type 50
88700 01:38:49:147 debug1: userauth-request for user XYZORG\adminuser service ssh-connection method password
88700 01:38:49:147 debug1: attempt 4 failures 3
88700 01:38:49:147 debug2: input_userauth_request: try method password
88700 01:38:49:350 debug1: failed to logon user: NOUSER domain: (null) error:1326
88700 01:38:49:350 Failed password for invalid user XYZORG\adminuser from 12.34.56.78 port 51970 ssh2
88700 01:38:49:350 debug3: userauth_finish: failure partial=0 next methods="publickey,password,keyboard-interactive"
88700 01:38:49:350 debug3: send packet: type 51
88700 01:38:49:350 debug3: receive packet: type 2
88700 01:38:49:350 debug3: Received SSH2_MSG_IGNORE

@chanducrr
Copy link

@bagajjal @manojampalam @bingbing8 We are trying this on Windows Server 2012 R2

@chanducrr
Copy link

@bagajjal @manojampalam @bingbing8

Here is the success case log when run sshd

PS C:\Program Files\OpenSSH> .\sshd.exe -ddd
debug2: load_server_config: filename ./sshd_config
debug2: load_server_config: done config len = 272
debug2: parse_server_config: config ./sshd_config len 272
debug3: ./sshd_config:35 setting LogLevel DEBUG3
debug3: ./sshd_config:50 setting AuthorizedKeysFile .ssh/authorized_keys
debug3: ./sshd_config:63 setting PasswordAuthentication yes
debug3: ./sshd_config:115 setting Subsystem sftp sftp-server.exe
debug3: ./sshd_config:123 setting hostkeyagent \\.\pipe\openssh-ssh-agent
debug1: sshd version OpenSSH_7.6, LibreSSL 2.5.3
debug3: unable to connect to pipe \\.\pipe\openssh-ssh-agent, error: 2
Could not connect to agent "\\.\pipe\openssh-ssh-agent": No such file or directory
debug1: private host key #0: ssh-rsa SHA256:ex0t/cqY4gRUqts/tslynM76eM3FWGce4tMZp659I1Q
debug1: private host key #1: ssh-dss SHA256:NyA+nn6y+zEmShaSGos0Dk+P+cXkmA+Sa0h/TgPeUlQ
debug1: private host key #2: ecdsa-sha2-nistp256 SHA256:tBwclE61tJsWikJeMj5+p+y8Yni6ncq49KkGqwmupUg
debug1: private host key #3: ssh-ed25519 SHA256:D9gn4/bc9CzEX7ks09ULCi8LJ8VBXgFz7xwhFDjW3q4
debug2: fd 3 setting O_NONBLOCK
debug3: sock_set_v6only: set socket 3 IPV6_V6ONLY
debug1: Bind to port 22 on ::.
Server listening on :: port 22.
debug2: fd 4 setting O_NONBLOCK
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
debug3: fd 5 is not O_NONBLOCK
debug1: Server will not fork when running in debugging mode.
Connection from 12.34.56.78 port 52184 on 10.211.125.202 port 22
debug1: Client protocol version 2.0; client software version PuTTY_Release_0.67
debug1: no match: PuTTY_Release_0.67
debug1: Local version string SSH-2.0-OpenSSH_7.6
debug2: fd 5 setting O_NONBLOCK
debug3: list_hostkey_types: ssh-dss key not permitted by HostkeyAlgorithms
debug1: list_hostkey_types: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-n
istp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-
group14-sha256,diffie-hellman-group14-sha1
debug2: host key algorithms: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos: [email protected],aes128-ctr,aes192-ctr,aes256-ctr
debug2: ciphers stoc: [email protected],aes128-ctr,aes192-ctr,aes256-ctr
debug2: MACs ctos: [email protected],[email protected],[email protected],hmac-sha2-512-etm@open
ssh.com,[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: [email protected],[email protected],[email protected],hmac-sha2-512-etm@open
ssh.com,[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none
debug2: compression stoc: none
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer client KEXINIT proposal
debug2: KEX algorithms: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-s
ha1,diffie-hellman-group1-sha1,rsa2048-sha256,rsa1024-sha1
debug2: host key algorithms: ssh-rsa,ssh-dss
debug2: ciphers ctos: aes256-ctr,aes256-cbc,[email protected],aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,blow
fish-ctr,blowfish-cbc,3des-ctr,3des-cbc,arcfour256,arcfour128
debug2: ciphers stoc: aes256-ctr,aes256-cbc,[email protected],aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,blow
fish-ctr,blowfish-cbc,3des-ctr,3des-cbc,arcfour256,arcfour128
debug2: MACs ctos: hmac-sha2-256,hmac-sha1,hmac-sha1-96,hmac-md5
debug2: MACs stoc: hmac-sha2-256,hmac-sha1,hmac-sha1-96,hmac-md5
debug2: compression ctos: none,zlib
debug2: compression stoc: none,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: diffie-hellman-group-exchange-sha256
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: client->server cipher: aes256-ctr MAC: hmac-sha2-256 compression: none
debug1: kex: server->client cipher: aes256-ctr MAC: hmac-sha2-256 compression: none
debug1: expecting SSH2_MSG_KEX_DH_GEX_REQUEST
debug3: receive packet: type 34
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received
debug3: Failed to open file:./moduli error:2
WARNING: could not open ./moduli (No such file or directory), using fixed modulus
debug3: dh_new_group_fallback: requested max size 8192
debug3: using 8k bit group 18
debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
debug3: send packet: type 31
debug2: bits set: 4216/8192
debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
debug3: receive packet: type 32
debug2: bits set: 4051/8192
debug3: send packet: type 33
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey after 4294967296 blocks
debug1: KEX done
debug3: receive packet: type 5
debug3: send packet: type 6
debug3: receive packet: type 50
debug1: userauth-request for user XYZORG\adminuser service ssh-connection method none
debug1: attempt 0 failures 0
debug2: parse_server_config: config reprocess config len 272
debug3: NetUserGetInfo() failed with error: 1722 for user: adminuser and domain: XYZORG

debug2: input_userauth_request: setting up authctxt for XYZORG\adminuser
debug2: input_userauth_request: try method none
Failed none for XYZORG\adminuser from 12.34.56.78 port 52184 ssh2
debug3: userauth_finish: failure partial=0 next methods="publickey,password,keyboard-interactive"
debug3: send packet: type 51
debug3: receive packet: type 50
debug1: userauth-request for user XYZORG\adminuser service ssh-connection method keyboard-interactive
debug1: attempt 1 failures 0
debug2: input_userauth_request: try method keyboard-interactive
debug1: keyboard-interactive devs
debug1: auth2_challenge: user=XYZORG\adminuser devs=
debug1: kbdint_alloc: devices ''
debug2: auth2_challenge_start: devices
Failed keyboard-interactive for XYZORG\adminuser from 12.34.56.78 port 52184 ssh2
debug3: userauth_finish: failure partial=0 next methods="publickey,password,keyboard-interactive"
debug3: send packet: type 51
debug3: receive packet: type 50
debug1: userauth-request for user XYZORG\adminuser service ssh-connection method password
debug1: attempt 2 failures 1
debug2: input_userauth_request: try method password
Accepted password for XYZORG\adminuser from 12.34.56.78 port 52184 ssh2
debug3: send packet: type 52
debug3: notify_hostkeys: key 0: ssh-rsa SHA256:ex0t/cqY4gRUqts/tslynM76eM3FWGce4tMZp659I1Q
debug3: notify_hostkeys: key 1: ssh-dss SHA256:NyA+nn6y+zEmShaSGos0Dk+P+cXkmA+Sa0h/TgPeUlQ
debug3: notify_hostkeys: key 2: ecdsa-sha2-nistp256 SHA256:tBwclE61tJsWikJeMj5+p+y8Yni6ncq49KkGqwmupUg
debug3: notify_hostkeys: key 3: ssh-ed25519 SHA256:D9gn4/bc9CzEX7ks09ULCi8LJ8VBXgFz7xwhFDjW3q4
debug3: notify_hostkeys: sent 4 hostkeys
debug3: send packet: type 80
debug1: Entering interactive session for SSH2.
debug2: fd 3 setting O_NONBLOCK
debug2: fd 4 setting O_NONBLOCK
debug1: server_init_dispatch
debug3: receive packet: type 2
debug3: Received SSH2_MSG_IGNORE
debug3: receive packet: type 90
debug1: server_input_channel_open: ctype session rchan 256 win 16384 max 16384
debug1: input_session_request
debug1: channel 0: new [server-session]
debug2: session_new: allocate (allocated 0 max 10)
debug3: session_unused: session id 0 unused
debug1: session_new: session 0
debug1: session_open: channel 0
debug1: session_open: session 0: link with channel 0
debug1: server_input_channel_open: confirm session
debug3: send packet: type 91
debug3: receive packet: type 98
debug1: server_input_channel_req: channel 0 request pty-req reply 1
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req pty-req
debug1: Allocating pty.
debug1: session_pty_req: session 0 alloc console
debug1: Ignoring unsupported tty mode opcode 3 (0x3)
debug3: send packet: type 99
debug3: receive packet: type 98
debug1: server_input_channel_req: channel 0 request shell reply 1
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req shell
Starting session: shell on console for adminuser@XYZORG from 12.34.56.78 port 52184 id 0
debug2: fd 6 setting O_NONBLOCK
debug2: fd 7 setting O_NONBLOCK
debug2: fd 8 setting O_NONBLOCK
debug2: fd 9 setting O_NONBLOCK
debug2: fd 10 setting O_NONBLOCK
debug2: fd 11 setting O_NONBLOCK
debug3: unable to connect to pipe \\.\pipe\openssh-ssh-agent, error: 2
debug1: get_priv_agent_sock: unable to connect to privileged agent, errno:2
debug1: Executing command: C:\Program Files\OpenSSH\ssh-shellhost.exe
debug2: fd 5 setting TCP_NODELAY
debug2: channel 0: rfd 8 isatty
debug3: fd 8 is O_NONBLOCK
debug3: fd 7 is O_NONBLOCK
debug3: fd 10 is O_NONBLOCK
debug3: send packet: type 99
debug2: channel 0: read 0 from efd 10
debug2: channel 0: closing read-efd 10
debug2: notify_done: reading
debug1: Received SIGCHLD.
debug1: session_by_pid: pid 89532
debug1: session_exit_message: session 0 channel 0 pid 89532
debug2: channel 0: request exit-status confirm 0
debug3: send packet: type 98
debug1: session_exit_message: release channel 0
debug2: channel 0: write failed
debug2: channel 0: close_write
debug2: channel 0: send eow
debug2: channel 0: output open -> closed
debug1: session_pty_cleanup: session 0 release console
debug3: NetUserGetInfo() failed with error: 1722 for user: adminuser and domain: XYZORG

debug2: channel 0: read<=0 rfd 8 len 0
debug2: channel 0: read failed
debug2: channel 0: close_read
debug2: channel 0: input open -> drain
debug2: channel 0: ibuf empty
debug2: channel 0: send eof
debug3: send packet: type 96
debug2: channel 0: input drain -> closed
debug2: channel 0: send close
debug3: send packet: type 97
debug3: channel 0: will not send data after close
debug3: receive packet: type 96
debug2: channel 0: rcvd eof
debug3: channel 0: will not send data after close
debug3: receive packet: type 97
debug2: channel 0: rcvd close
debug3: channel 0: will not send data after close
debug2: channel 0: is dead
debug2: channel 0: gc: notify user
debug1: session_by_channel: session 0 channel 0
debug1: session_close_by_channel: channel 0 child 0
Close session: user adminuser@XYZORG from 12.34.56.78 port 52184 id 0
debug3: session_unused: session id 0 unused
debug2: channel 0: gc: user detached
debug2: channel 0: is dead
debug2: channel 0: garbage collecting
debug1: channel 0: free: server-session, nchannels 1
debug3: channel 0: status: The following connections are open:
#0 server-session (t4 r256 i3/0 o3/0 fd -1/-1 cc -1)

Connection closed by 12.34.56.78 port 52184
debug1: do_cleanup
Transferred: sent 23984, received 2616 bytes
Closing connection to 12.34.56.78 port 52184
PS C:\Program Files\OpenSSH>

@leotxcosta
Copy link
Author

In Win Server 2012 R2 I didn't have this problem.

@jborean93
Copy link

I don't think you can get this working, they specifically state Windows 7 (Windows Server 2008 R2) and above is supported and Windows Server 2008 is before this edition as per @bingbing8. I tried playing around with this very briefly to see if it was just a software limit but the sshd service is dependent on the netlogon service which won't start up in a non-domain environment for Server 2008.

@chanducrr
Copy link

@jborean93 @manojampalam @bagajjal @bingbing8 I couldn't make it work windows server 2012 R2. Do you have any updates from the logs I've shared?.

May be it is related to this error?

88700 01:38:10:276 debug3: NetUserGetInfo() failed with error: 1722 for user: adminuser and domain: XYZORG \n
88700 01:38:10:308 debug3: NetUserGetInfo() with domainController: \SW730XYZORGDC004 failed with error: 5 \n

@MaximoTrinidad
Copy link

Hi everyone! Sorry I haven't post this one sooner.

This is happening in all versions of Windows (Windows 10) and Windows Servers too.

sshd service logon_initial setup_2018-01-12_19-05-12

sshd service logon_initial setup2_2018-01-12_19-05-12

The workaround I've been using for some time is to change the log On to: Local System Account with "Allow service to interact with desktop". Then, the service will start without any issues.

sshd service logon_2018-01-12_19-05-12

I have blog about this and forgot to open an incident.

:)

@MaximoTrinidad
Copy link

By the way, for some reason, when executing the command:

Start-Service sshd

Is not giving any errors nor notification that the service didn't start.

:)

@bagajjal
Copy link
Collaborator

@MaximoTrinidad - Most likely its related to the host key file permissions.
Please run

  1. .\FixHostFilePermissions.ps1 -Confirm:$false.
    2).\uninstall-sshd.ps1
  2. .\install-sshd.ps1

@MaximoTrinidad
Copy link

@bagajjal,

Awesome! That did it. I'll be fixing my blog post.
Somehow I was messing the order.

Greatly Appreciated,
:)

@manojampalam
Copy link
Contributor

This issue is no longer applicable with the latest changes requiring SSHD to run as SYSTEM

@jborean93
Copy link

@mamojampalam while the service runs without any issues and is listening on the port, it seems like there are still issues with Server 2008. I know it isn’t supported but I didn’t want to give people false hope saying the latest release works on this version.

@manojampalam
Copy link
Contributor

Sure. this thread has too many conversations mixed in one. If someone has an issue on Server 2008, feel free to create a new issue with detailed symptoms. Happy to take a quick look and provide a work around if any.

@archiker archiker mentioned this issue Apr 25, 2018
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Issue-Bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
7 participants
@chanducrr @jborean93 @bingbing8 @manojampalam @MaximoTrinidad @leotxcosta @bagajjal